Over the past year, we have seen a number of Cyber Security breaches that have affected small, medium and large businesses. Companies such as Facebook, Equifax, various Universities, Reddit and British Airways all had their data stolen.
On a positive front, we have seen a steady increase in the utilisation of Cyber Essentials since 2016. However, many companies are still not aware that they already meet most of the controls that Cyber Essentials requires. With more businesses now adding Cyber Security as a standing agenda item for their board meetings, we hope to see an increased adoption rate for this cyber security certification, along with a higher standard of Cyber Security across the board.
Internet of Things (IoT) is also receiving a lot of traction with devices such as Google Home, Amazon Echo, Phillips Hue and Nest Smart Thermostat all making a drastic change to our technological lives. Hackers at DEFCON recently demonstrated a ransomware attack on a Smart Thermostat by locking the temperature at 99°F/37°C until the owner paid a ransom to unlock it. While this technology is still upcoming, we should be mindful of the damage an attacker could cause if they were able to exploit these devices, and how significant this could be for the victim.
Maintaining the consistent uptake of Cyber Security practices is of utmost importance, technology is evolving so rapidly currently, and we are becoming more reliant on these technologies on both a personal and business level. There are a host of resources available to ensure that adopting Cyber Security is effective and manageable. Cyber Essentials provides a baseline for your Cyber Security controls, and the NCSC has released a ’10 steps to Cyber Security’ article which is designed to break down each category with steps required to improve your own cyber security.